Create a Ransomware Incident Response Plan

Don’t be the next headline. Determine your current readiness, plan your response, and develop projects to close gaps.

Onsite Workshop

Ransomware is a high-profile threat that demands immediate attention:

  • Organizations large and small hit by ransomware make the news every week.
  • Executives want reassurance – but aren’t ready to write a blank check. Improvements must be targeted and justified.
  • No one is bulletproof, so the ability to recover from (not just prevent) a ransomware attack is critical. Yet backup and disaster recovery capabilities are often lacking.

Take specific actions to improve your ability to prevent and respond to a ransomware attack:

  • Execute a systematic assessment of your current security and disaster recovery (DR) practices to identify gaps and quick wins.
  • Quantify ransomware risk to prioritize investments and drive security awareness.
  • Run tabletop planning exercises to plan for ransomware attacks, build a more effective incident response plan, and further identify projects to help close gaps.

Module 1: Assess Your Ransomware Readiness

The Purpose

Measure your organization's current readiness and identify key systems to focus on first.

Key Benefits Achieved

  • Identify a baseline maturity metric to measure progress over time.
  • Identify gaps in existing security processes and technology.

Activities: Outputs:
1.1 Conduct a maturity assessment.
  • Maturity assessment, including baseline metrics and gaps to address
1.2 Review selected systems and dependencies.
  • Well-defined scope to enable a deeper dive into assessing readiness and response

Module 2: Conduct a Business Improvement Analysis

The Purpose

Conduct a BIA to raise risk awareness and set recovery targets. Quantify the business impact of a ransomware attack to communicate risk and prioritize the systems and data that need the greatest protection.

Key Benefits Achieved

  • Achieve consensus between the business and IT on system criticality, risk, and recovery objectives.

Activities: Outputs:
2.1 Record systems and dependencies.
  • Context for an impact analysis
2.2 Complete the impact analysis for selected systems and data sets.
  • Estimated impact of downtime and data loss from a ransomware attack
  • System prioritization and acceptable RTOs/RPOs assigned based on business impact

Module 3: Create a Ransomware Response Workflow and Runbook

The Purpose

  • Use tabletop planning to drive a more accurate and more effective incident response plan.

Key Benefits Achieved

Develop the following:

  • An incident response workflow that provides an at-a-glance view for team leads
  • A runbook that outlines specific actions to execute a ransomware response

Activities: Outputs:
3.1 Document your threat escalation protocol.
  • Stakeholders and severity-driven escalation guidelines identified
3.2 Use tabletop planning to identify response steps and gaps.
  • A flowchart of tabletop planning results that provides a record of the exercise, a current-state response workflow, and gaps to address
3.3 Update your ransomware response workflow and runbook.
  • More accurate and comprehensive incident response documentation

Module 4: Build a Project Roadmap to Close Gaps

The Purpose

Create an executive presentation summarizing your organization's current ransomware readiness and a prioritized project roadmap to improve your prevention and recovery capabilities.

Key Benefits Achieved

  • Communicate current risk, gaps, and recommendations to senior leadership.

Activities: Outputs:
4.1 Identify initiatives to improve ransomware readiness.
  • An aggregated list of gaps and initiatives
4.2 Prioritize initiatives to close gaps in a project roadmap.
  • Ransomware project roadmap

Workshop icon Book Your Workshop

Onsite Workshops offer an easy way to accelerate your project. If you are unable to do the project yourself, and a Guided Implementation isn’t enough, we offer low-cost onsite delivery of our Project Workshops. We take you through every phase of your project and ensure that you have a road map in place to complete your project successfully.

Book a Workshop View Blueprint
Visit our IT Cost Optimization Center
Over 100 analysts waiting to take your call right now: 1-519-432-3550 x2019
Contact Us